• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

ipsec

  1. Looking for 1on1 help preferably in person (Toronto Area)

    Hello Everyone! I am a regular linux user of about 10 years. I am now looking to learn freeBSD. icsdhcp,gateways,ipsec and pf, ect. I am using vmware to create my network and finding that i read a doc on dhcp.conf and realize 1h later its for a version 2 years old and openBSD. I would like...
  2. nerozero

    VPN between two networks

    Hello everyone, I'm trying to build my first VPN tunnel between 2 gateways, both running FreeBSD 11.1. my question, is this manual still consistent? Making a tunnel - its easy,but when I try to apply encryption as it shown in handbook - tunnel stops working ... according to that manual...
  3. l2tpd troubleshooting on FreeBSD 11.1

    Hi, I am trying to setup IPSEC/L2TP VPN client on FreeBSD 11.1, I got security/strongswan working and I can see it establish the connection, now trying to setup net/l2tpd, Following is the configuration: /usr/local/etc/l2tp/l2tp.conf [global] access control = yes Port = 1701 [lac l2tp] lns =...
  4. PF + IPSEC + NAT

    Hello all, I am struggling here to get a working site-to-site VPN on FreeBSD 10.3-RELEASE-p24. At first I installed security/strongswanfrom ports (version 5.6.0), and it would not even load its configured connections. So I decided to manually compile security/strongswan 5.5.3 version and...
  5. IPSec VPN LAN-LAN (Site-Site) for site with dynamic gray IP behind NAT

    Hi There is a case: - HQ with fixed white IP - Site with dynamic gray IP behind NAT (!!!) Need to setup IPSec VNP LAN-LAN to connect site to HQ. I've tried Racoon and succeded with establishing IPSec connection, but LAN-LAN connection wasn't established. The same with StrongSwan - I can see...
  6. Other (about technical) How to achieve IPSec throughput above 2 Gbit/s

    Hello forum, (1) As stated in the subject, how to achieve IPSec throughput above 2 Gbit/s? (2) Has anyone run IPSec and successfully hit IPSec throughput above 2 Gbit/s? (3) Which FreeBSD version would be recommended for this scenario? (4) What should be tune in /boot/loader.conf ? (Our...
  7. Solved When to use Openswan?

    Hello! I am trying to look into the whole VPN/IPSec topic. I read the FreeBSD handbook but I am not sure about the different packages. As far as I understand FreeBSD provides IPSec support already. So what's the purpose of a package like OpenSwan. Is OpenSwan a replacement of the "native"...
  8. Donald Baud

    IPsec IKEV2 setup works but where is the interface?

    I setup a simple IPsec IKEv2 vpn. it works fine but how do I get detail about the network information? - Where is the interface tun0 or gif0 or whatever is holding the VPN client's IPs 10.11.12.0/24 - Where is the routing table stored?, I can't see anything different on netstat -rn - I still...
  9. korund

    Routing between jails and physical interfaces

    I'm trying to get the following scheme up and running: What would be a good read to start except of jail man page?
  10. andrian

    How to add an exception in ipsec.conf

    Hi friends. Please help me. How to add an exception network addresses in IPsec.conf? I used security/ipsec-tools and very all good, but string in /etc/IPsec.conf for example: spdadd 0.0.0.0/0 10.0.110.0/24 any -P out ipsec esp/tunnel/1.1.1.1-2.2.2.2/require; spdadd 10.0.110.0/24 0.0.0.0/0 any...
  11. ericx

    tunnel over high latency link

    We're trying to establish and maintain some sort of tunnel from a ship at sea over a high latency satellite link. Several satellite links are in use simultaneously. Bandwidth and latency vary considerably depending on the vendor in use and the position of the ship (this is an R/V; so the ship is...
  12. SA sync

    Hello everyone, Can you please advice how can I sync IPSEC SAs between 2 routers ? Tried to configure Strongswan fail-over, but looks like FreeBSD has no HA plugin. Thank you Best regards, Alex
  13. part1zan_

    After IPSec is set up, the L2TP client cannot connect to the server

    Dear all, I have set up an L2TP server using mpd5, and it works fine. However, when I switch IPSec (ipsec-tools) on, the client doesn't seem to be able to connect to the server: it looks like the server doesn't get any packets from the client. The IPSec configs follow: Client setkey.conf...